Cybercriminals Exploiting Cryptocurrency Trends in Financial Services Sector | GBAF

Cybercriminals Exploiting Cryptocurrency Trends in Financial Services Sector | GBAF

Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Finance > Cryptojacking and its impact within the financial services sector

Cryptojacking and its impact within the financial services sector

Published by Gbaf News

Posted on August 24, 2018

11 min read

Last updated: January 21, 2026

Protests at Rafah border crossing regarding Trump's displacement plan - Global Banking & Finance Review — Image depicting protests at the Rafah border crossing, reflecting public unrest amidst economic tensions. This relates to the article's focus on the euro's decline against the dollar due to the energy crisis affecting Europe.

Contributed by Aamir Lakhani, Lead Researcher and Cybersecurity Expert, Fortinet

Today, the financial services sector finds itself in a unique position as it adapts both its technical and business processes to meet the demands of customers looking for extended capabilities, increased convenience and greater accessibility.

This shift is driving organizations to undergo significant digital transformation in order to better meet the needs of both consumers and employees and remain competitive in an evolving market. This transformation, however, also provides a clear window of opportunity for cybercriminals looking to exploit new and overlooked network vulnerabilities.

One of the most popular trends digital transformation aims to facilitate within the financial services sector is that of cryptocurrency. Though it has been around for years, the recent leap in crypto value has brought digital currency to the front of mainstream attention. Motivated by the skyrocketing value of various cryptocurrencies like Bitcoin, Ethereum and Ripple, and the anonymity many of them provide, cybercriminals have begun to shift their efforts in order to cash in on this opportunity.

To do this, cybercriminals have developed a form of cyberattack known as cryptojacking. This occurs when malware hijacks an organization’s network elements in order to repurpose them for mining cryptocurrency. This often involves leveraging unused CPU cycles on infected devices so that these mining activities are never noticed by its victims. If left unchecked, this often “below the radar” form of cyberattack can have serious consequences to financial service firms.

Cryptojacking Within the Financial Services Sector

As shown in our most recent Threat Landscape Report for Q1 of 2018, cybercriminals are expanding their attack capabilities, looking to do more than simply collect cryptocurrency through a ransomware attack. Cryptojacking often uses the same methodologies as ransomware attacks, with one main difference: the victims don’t need to know they have been attacked in order for cybercriminals to generate a lucrative income stream. As cybercriminals continue to expand their capabilities across the kill chain, we’ve seen a 30 percent increase in cryptojacking attacks since Q4.

Cryptojacking within the financial services sector can take many forms. Whether it’s maliciously injecting exploits into the browsers of computers, known as forced mining, distributing malware across servers and IoT devices, or even hijacking Wi-Fi routers, these infections are designed to leach CPU resources in order to generate cryptocurrency for the financial gain of cybercriminals. While the impact of such attacks once caused system crashes, poor network efficiency and a sharp drop in machine speed for both personnel and consumers, newer, more sophisticated versions of cryptojacking malware often use rate-limiting buffers to minimize their impact on end users, thereby reducing the chance of their being detected.

Unfortunately, the exploit capabilities of cryptojacking have begun to increase. Cybercriminals now have the capability to cryptojack cloud-based, enterprise-level applications, as seen in a recent attack earlier this year. This means that financial service firms leveraging these application management systems within their own websites and applications could potentially host cryptojacking malware that can quickly spread to large numbers of consumer devices.

The Impact of Cryptojacking

At its most basic level, cryptojacking only operates within browser windows and Java scripts, affecting only those specific machines and devices that are infected. However, if enough network elements are infected, they can have a serious impact on efficiency and business operations.

Delivery methods are also becoming more sophisticated. Some cybercriminals are now leveraging the EternalBlue exploit, which made headlines for its use in the large-scale WannaCry ransomware attacks, to instead deliver cryptojacking malware to unsuspecting businesses. Aptly titled WannaMine, this more malicious form of cryptojacking malware has the potential to render companies across industries inoperable for days or weeks at a time. This infection can also move laterally across a network, identifying and exploiting vulnerabilities in machines and devices not properly patched or secured.

For cybersecurity professionals within the financial services sector, this is big news. Typically, the goal of cryptojacking is parasitic in nature, meaning that cybercriminals don’t want to leverage enough CPU to merit unwanted attention to their operation. However, in an industry where market orders are placed in fractions of a second, any compromise in network efficiency can have dire consequences.

What’s more, we measured the persistence of botnet infections in Q1. Of the botnet infections we looked at, more than half were cleaned the same day of the infection, but about five percent still managed to linger within a network for more than a week, indicating that successful cryptojacking infections can remain within a network far after the attack was identified and countermeasures taken.

The impact of cryptojacking doesn’t stop within the firm’s network, either. Today’s consumers expect the digital services they use to run quickly and efficiently. Those using the services of a firm experiencing a cryptojacking infection will notice slower computer/device speeds when using their websites and applications. This has the potential to adversely impact brand value and the loyalty of customers using those infected services.

To properly address the threat of cryptojacking, financial service firms need to deploy security solutions within an integrated, automated cybersecurity system capable of monitoring networks at machine speed while being able to mitigate damage and efficiently patch vulnerabilities through integrated security device collaboration. As financial service organizations continue to expand their digital offerings and further facilitate digital transformation, such integrated solutions can help ensure an effective, modern security posture that adapts to any new threat vectors introduced to the network.

Final Thoughts

The financial services sector is a lucrative target for cyberattacks. As firms and organizations continue to make the digital transformation necessary to facilitate growing consumer demand, the attack space subsequently widens, allowing cybercriminals to leach off of internal and consumer machines and devices to harvest cryptocurrency. Next-generation tools help assure cryptojacking malware can be successfully identified and mitigated.

About the author:

Aamir Lakhani is a Global Security Strategist and Lead Researcher for FortiGuard Labs. Aamir Lakhani formulates security strategy with more than fifteen years of cybersecurity experience, his goal to make a positive impact towards the global war on cyber-crime and information security. Lakhani provides thought leadership to industry and has presented research and strategy world-wide at premier security conferences. As a cybersecurity expert, his work has included meetings with leading political figures and key policy stakeholders who help define the future of cybersecurity.

Contributed by Aamir Lakhani, Lead Researcher and Cybersecurity Expert, Fortinet

Today, the financial services sector finds itself in a unique position as it adapts both its technical and business processes to meet the demands of customers looking for extended capabilities, increased convenience and greater accessibility.

This shift is driving organizations to undergo significant digital transformation in order to better meet the needs of both consumers and employees and remain competitive in an evolving market. This transformation, however, also provides a clear window of opportunity for cybercriminals looking to exploit new and overlooked network vulnerabilities.

One of the most popular trends digital transformation aims to facilitate within the financial services sector is that of cryptocurrency. Though it has been around for years, the recent leap in crypto value has brought digital currency to the front of mainstream attention. Motivated by the skyrocketing value of various cryptocurrencies like Bitcoin, Ethereum and Ripple, and the anonymity many of them provide, cybercriminals have begun to shift their efforts in order to cash in on this opportunity.

To do this, cybercriminals have developed a form of cyberattack known as cryptojacking. This occurs when malware hijacks an organization’s network elements in order to repurpose them for mining cryptocurrency. This often involves leveraging unused CPU cycles on infected devices so that these mining activities are never noticed by its victims. If left unchecked, this often “below the radar” form of cyberattack can have serious consequences to financial service firms.

Cryptojacking Within the Financial Services Sector

As shown in our most recent Threat Landscape Report for Q1 of 2018, cybercriminals are expanding their attack capabilities, looking to do more than simply collect cryptocurrency through a ransomware attack. Cryptojacking often uses the same methodologies as ransomware attacks, with one main difference: the victims don’t need to know they have been attacked in order for cybercriminals to generate a lucrative income stream. As cybercriminals continue to expand their capabilities across the kill chain, we’ve seen a 30 percent increase in cryptojacking attacks since Q4.

Cryptojacking within the financial services sector can take many forms. Whether it’s maliciously injecting exploits into the browsers of computers, known as forced mining, distributing malware across servers and IoT devices, or even hijacking Wi-Fi routers, these infections are designed to leach CPU resources in order to generate cryptocurrency for the financial gain of cybercriminals. While the impact of such attacks once caused system crashes, poor network efficiency and a sharp drop in machine speed for both personnel and consumers, newer, more sophisticated versions of cryptojacking malware often use rate-limiting buffers to minimize their impact on end users, thereby reducing the chance of their being detected.

Unfortunately, the exploit capabilities of cryptojacking have begun to increase. Cybercriminals now have the capability to cryptojack cloud-based, enterprise-level applications, as seen in a recent attack earlier this year. This means that financial service firms leveraging these application management systems within their own websites and applications could potentially host cryptojacking malware that can quickly spread to large numbers of consumer devices.

The Impact of Cryptojacking

At its most basic level, cryptojacking only operates within browser windows and Java scripts, affecting only those specific machines and devices that are infected. However, if enough network elements are infected, they can have a serious impact on efficiency and business operations.

Delivery methods are also becoming more sophisticated. Some cybercriminals are now leveraging the EternalBlue exploit, which made headlines for its use in the large-scale WannaCry ransomware attacks, to instead deliver cryptojacking malware to unsuspecting businesses. Aptly titled WannaMine, this more malicious form of cryptojacking malware has the potential to render companies across industries inoperable for days or weeks at a time. This infection can also move laterally across a network, identifying and exploiting vulnerabilities in machines and devices not properly patched or secured.

For cybersecurity professionals within the financial services sector, this is big news. Typically, the goal of cryptojacking is parasitic in nature, meaning that cybercriminals don’t want to leverage enough CPU to merit unwanted attention to their operation. However, in an industry where market orders are placed in fractions of a second, any compromise in network efficiency can have dire consequences.

What’s more, we measured the persistence of botnet infections in Q1. Of the botnet infections we looked at, more than half were cleaned the same day of the infection, but about five percent still managed to linger within a network for more than a week, indicating that successful cryptojacking infections can remain within a network far after the attack was identified and countermeasures taken.

The impact of cryptojacking doesn’t stop within the firm’s network, either. Today’s consumers expect the digital services they use to run quickly and efficiently. Those using the services of a firm experiencing a cryptojacking infection will notice slower computer/device speeds when using their websites and applications. This has the potential to adversely impact brand value and the loyalty of customers using those infected services.

To properly address the threat of cryptojacking, financial service firms need to deploy security solutions within an integrated, automated cybersecurity system capable of monitoring networks at machine speed while being able to mitigate damage and efficiently patch vulnerabilities through integrated security device collaboration. As financial service organizations continue to expand their digital offerings and further facilitate digital transformation, such integrated solutions can help ensure an effective, modern security posture that adapts to any new threat vectors introduced to the network.

Final Thoughts

The financial services sector is a lucrative target for cyberattacks. As firms and organizations continue to make the digital transformation necessary to facilitate growing consumer demand, the attack space subsequently widens, allowing cybercriminals to leach off of internal and consumer machines and devices to harvest cryptocurrency. Next-generation tools help assure cryptojacking malware can be successfully identified and mitigated.

About the author:

Aamir Lakhani is a Global Security Strategist and Lead Researcher for FortiGuard Labs. Aamir Lakhani formulates security strategy with more than fifteen years of cybersecurity experience, his goal to make a positive impact towards the global war on cyber-crime and information security. Lakhani provides thought leadership to industry and has presented research and strategy world-wide at premier security conferences. As a cybersecurity expert, his work has included meetings with leading political figures and key policy stakeholders who help define the future of cybersecurity.